diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt index 6e1360f26fdfe4525de6f5ae5dd7cee2ff6e96e3..4cd309fd3a25722b0d7c47fc78d92a5f01948301 100644 --- a/docs/simplesamlphp-reference-idp-hosted.txt +++ b/docs/simplesamlphp-reference-idp-hosted.txt @@ -6,19 +6,16 @@ This is a reference for the metadata files Both files have the following format: <?php - $metadata = array( - /* The index of the array is the entity ID of this IdP. */ - 'entity-id-1' => array( - 'host' => 'idp.example.org', - /* Configuration options for the first IdP. */ - ), - 'entity-id-2' => array( - 'host' => '__DEFAULT__', - /* Configuration options for the default IdP. */ - ), - /* ... */ + /* The index of the array is the entity ID of this IdP. */ + $metadata['entity-id-1'] = array( + 'host' => 'idp.example.org', + /* Configuration options for the first IdP. */ ); - ?> + $metadata['entity-id-2'] = array( + 'host' => '__DEFAULT__', + /* Configuration options for the default IdP. */ + ); + /* ... */ The entity ID should be an URI. It can, also be on the form `__DYNAMIC:1__`, `__DYNAMIC:2__`, `...`. In that case, the entity ID 
@@ -214,26 +211,24 @@ These are some examples of IdP metadata ### Minimal SAML 2.0 / Shibboleth 1.3 IdP ### <?php - $metadata = array( + /* + * We use the '__DYNAMIC:1__' entity ID so that the entity ID + * will be autogenerated. + */ + $metadata['__DYNAMIC:1__'] = array( + /* + * We use '__DEFAULT__' as the hostname so we won't have to + * enter a hostname. + */ + 'host' => '__DEFAULT__', + + /* The private key and certificate used by this IdP. */ + 'certificate' => 'server.crt', + 'privatekey' => 'server.pem', + /* - * We use the '__DYNAMIC:1__' entity ID so that the entity ID - * will be autogenerated. + * The authentication source for this IdP. Must be one + * from config/authsources.php. */ - '__DYNAMIC:1__' => array( - /* - * We use '__DEFAULT__' as the hostname so we won't have to - * enter a hostname. - */ - 'host' => '__DEFAULT__', - - /* The private key and certificate used by this IdP. */ - 'certificate' => 'server.crt', - 'privatekey' => 'server.pem', - - /* The authentication source for this IdP. Must be one - * from config/authsources.php. - */ - 'auth' => 'example-userpass', - ), + 'auth' => 'example-userpass', ); - ?> diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt index fbe7de315e98bfc8747945b9bf574807aff5d83d..f69dca7d64012bc399c85c7be498cebdc5a1b204 100644 --- a/docs/simplesamlphp-reference-idp-remote.txt +++ b/docs/simplesamlphp-reference-idp-remote.txt 
@@ -4,17 +4,14 @@ IdP remote metadata reference This is a reference for metadata options available for `metadata/saml20-idp-remote.php` and `metadata/shib13-idp-remote.php`. Both files have the following format: <?php - $metadata = array( - /* The index of the array is the entity ID of this IdP. */ - 'entity-id-1' => array( - /* Configuration options for the first IdP. */ - ), - 'entity-id-2' => array( - /* Configuration options for the second IdP. */ - ), - /* ... */ + /* The index of the array is the entity ID of this IdP. */ + $metadata['entity-id-1'] = array( + /* Configuration options for the first IdP. */ + ); + $metadata['entity-id-2'] = array( + /* Configuration options for the second IdP. */ ); - ?> + /* ... */ Common options @@ -138,7 +135,6 @@ Examples ### Configuration for openidp.feide.no ### <?php - $metadata = array(); $metadata['https://openidp.feide.no'] = array( 'name' => array( 'en' => 'Feide OpenIdP - guest users', @@ -149,7 +145,6 @@ Examples 'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php', 'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb', ); - ?> Calculating the fingerprint of a certificate @@ -160,4 +155,4 @@ If you have obtained a certificate file, and want to calculate the fingerprint o $ openssl x509 -noout -fingerprint -in "server.crt" SHA1 Fingerprint=AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9 -In this case, the certFingerprint option should be set to `AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9`. \ No newline at end of file +In this case, the certFingerprint option should be set to `AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9`. diff --git a/docs/simplesamlphp-reference-sp-hosted.txt b/docs/simplesamlphp-reference-sp-hosted.txt index ef6a5eb5ec892dac42a6ec018ac14fc7780755f0..2b79a1422ee527e242c11ded9469fecd1b3472c3 100644 --- a/docs/simplesamlphp-reference-sp-hosted.txt +++ b/docs/simplesamlphp-reference-sp-hosted.txt 
@@ -4,19 +4,16 @@ SP hosted metadata reference This is a reference for the metadata files `metadata/saml20-sp-hosted.php` and `metadata/shib13-sp-hosted.php`. Both files have the following format: <?php - $metadata = array( - /* The index of the array is the entity ID of this SP. */ - 'entity-id-1' => array( - 'host' => 'sp.example.org', - /* Configuration options for the first SP. */ - ), - 'entity-id-2' => array( - 'host' => '__DEFAULT__', - /* Configuration options for the default SP. */ - ), - /* ... */ + /* The index of the array is the entity ID of this SP. */ + $metadata['entity-id-1'] = array( + 'host' => 'sp.example.org', + /* Configuration options for the first SP. */ ); - ?> + $metadata['entity-id-2'] = array( + 'host' => '__DEFAULT__', + /* Configuration options for the default SP. */ + ); + /* ... */ The entity ID should be an URI. It can also be on the form `__DYNAMIC:1__`, `__DYNAMIC:2__`, `...`. In that case, the entity ID will be generated automatically. @@ -160,17 +157,14 @@ These are some examples of SP metadata ### Minimal SAML 2.0 / Shibboleth 1.3 SP ### <?php - $metadata = array( + /* + * We use the '__DYNAMIC:1__' entity ID so that the entity ID + * will be autogenerated. + */ + $metadata['__DYNAMIC:1__'] = array( /* - * We use the '__DYNAMIC:1__' entity ID so that the entity ID - * will be autogenerated. + * We use '__DEFAULT__' as the hostname so we won't have to + * enter a hostname. */ - '__DYNAMIC:1__' => array( - /* - * We use '__DEFAULT__' as the hostname so we won't have to - * enter a hostname. - */ - 'host' => '__DEFAULT__', - ), + 'host' => '__DEFAULT__', ); - ?> diff --git a/docs/simplesamlphp-reference-sp-remote.txt b/docs/simplesamlphp-reference-sp-remote.txt index db591fae0a930105cbd22b38e17aa6c38e3984ee..950c16305d233444cbb483a1ede63bd18b4fd696 100644 --- a/docs/simplesamlphp-reference-sp-remote.txt +++ b/docs/simplesamlphp-reference-sp-remote.txt 
@@ -6,17 +6,14 @@ This is a reference for metadata options available for Both files have the following format: <?php - $metadata = array( - /* The index of the array is the entity ID of this SP. */ - 'entity-id-1' => array( - /* Configuration options for the first SP. */ - ), - 'entity-id-2' => array( - /* Configuration options for the second SP. */ - ), - /* ... */ + /* The index of the array is the entity ID of this SP. */ + $metadata['entity-id-1'] = array( + /* Configuration options for the first SP. */ + ); + $metadata['entity-id-2'] = array( + /* Configuration options for the second SP. */ ); - ?> + /* ... */ Common options diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php index 68796e1f35bda7802afff0aa2be0d6fa70c73576..57ae0fd5ab793fbe63d2ad2a0732e7620ff8906d 100644 --- a/metadata-templates/saml20-idp-hosted.php +++ b/metadata-templates/saml20-idp-hosted.php 
@@ -1,38 +1,25 @@ <?php -/* - * SAML 2.0 Meta data for simpleSAMLphp +/** + * SAML 2.0 IdP configuration for simpleSAMLphp. * - * The SAML 2.0 IdP Hosted config is used by the SAML 2.0 IdP to identify itself. - * - * Required parameters: - * - host - * - privatekey - * - certificate - * - auth - * - authority - * - * Optional Parameters: - * - 'userid.attribute' - * - 'redirect.sign' + * See: https://rnd.feide.no/content/idp-hosted-metadata-reference */ +$metadata['__DYNAMIC:1__'] = array( + /* + * The hostname of the server (VHOST) that will use this SAML entity. + * + * Can be '__DEFAULT__', to use this entry by default. + */ + 'host' => '__DEFAULT__', -$metadata = array( - - // The SAML entity ID is the index of this config. - '__DYNAMIC:1__' => array( - - // The hostname of the server (VHOST) that this SAML entity will use. - 'host' => '__DEFAULT__', - - // X.509 key and certificate. Relative to the cert directory. - 'privatekey' => 'server.pem', - 'certificate' => 'server.crt', - - // Authentication plugin to use. login.php is the default one that uses LDAP. - 'auth' => 'auth/login.php' - ) + /* X.509 key and certificate. Relative to the cert directory. */ + 'privatekey' => 'server.pem', + 'certificate' => 'server.crt', + /* + * Authentication source to use. Must be one that is configured in + * 'config/authsources.php'. + */ + 'auth' => 'example-userpass', ); - -?> diff --git a/metadata-templates/saml20-idp-remote.php b/metadata-templates/saml20-idp-remote.php index 2185f6f6b8918f5a29bc61b86b1fc1bb642a6cbf..baad60ddf35100e27b204def6ebda0c65e154d95 100644 --- a/metadata-templates/saml20-idp-remote.php +++ b/metadata-templates/saml20-idp-remote.php 
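Review bot: The new default `'auth' => 'example-userpass'` points the hosted IdP template at what its name suggests is a demonstration authentication source, and the comment above it only says the source must exist in `config/authsources.php`. If that source ships with sample accounts (not visible in this diff), an IdP deployed from the unmodified template would issue assertions for them. I would extend the comment with a line such as `* 'example-userpass' is a sample source; replace it before production use.` The same default is added in metadata-templates/shib13-idp-hosted.php.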
@@ -1,24 +1,22 @@ <?php -/* - * SAML 2.0 Meta data for simpleSAMLphp +/** + * SAML 2.0 remote IdP metadata for simpleSAMLphp. * - * The SAML 2.0 IdP Remote config is used by the SAML 2.0 SP to identify trusted SAML 2.0 IdPs. + * Remember to remove the IdPs you don't use from this file. * + * See: https://rnd.feide.no/content/idp-remote-metadata-reference */ - -$metadata = array(); -/** +/* * Guest IdP. allows users to sign up and register. Great for testing! */ - $metadata['https://openidp.feide.no'] = array( - 'name' => array( + 'name' => array( 'en' => 'Feide OpenIdP - guest users', 'no' => 'Feide Gjestebrukere', ), 'description' => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.', - + 'send_metadata_email' => 'moria-support@uninett.no', 'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php', 'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php', 
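Review bot: The `https://openidp.feide.no` entry stays enabled in the template although its own comment says the IdP lets users sign up and register, so an SP installed from this file accepts logins from self-registered accounts until the entry is removed. The new header reminder is generic and easy to miss; the warning belongs on the entry itself, for example `* Guest IdP: anyone can register an account. For testing only; remove this entry in production.` in place of `Great for testing!`. The entry's array is closed outside this hunk.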
@@ -26,73 +24,75 @@ $metadata['https://openidp.feide.no'] = array( ); -/** - * Feide, the norwegian federation. Test and production metadata. +/* + * Feide, the norwegian federation. Test and production metadata. */ $metadata['https://idp-test.feide.no'] = array( - 'name' => array( + 'name' => array( 'en' => 'Feide Test environment', 'no' => 'Feide testmiljø', ), - 'description' => 'Feide test environment (idp-test.feide.no). Authenticate with your identity from a school or university in Norway.', - 'send_metadata_email' => 'moria-support@uninett.no', - 'SingleSignOnService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SSOService.php', - 'SingleLogoutService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php', - 'SingleLogoutServiceResponse' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php', - 'certFingerprint' => 'fa982efdb69f26e8073c8f815a82a0c5885960a2', - 'hint.cidr' => '158.38.0.0/16' + 'description' => 'Feide test environment (idp-test.feide.no). 
Authenticate with your identity from a school or university in Norway.', + 'send_metadata_email' => 'moria-support@uninett.no', + + 'SingleSignOnService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SSOService.php', + 'SingleLogoutService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php', + 'SingleLogoutServiceResponse' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php', + + 'certFingerprint' => 'fa982efdb69f26e8073c8f815a82a0c5885960a2', + 'hint.cidr' => '158.38.0.0/16', ); $metadata['https://idp.feide.no'] = array( - 'name' => 'Feide', - 'description' => array( + 'name' => 'Feide', + 'description' => array( 'en' => 'Authenticate with your identity from a school or university in Norway.', 'no' => 'Logg inn med din identitet fra skolen eller universitetet du er tilknyttet (i Norge).', ), - 'send_metadata_email' => 'moria-support@uninett.no', - 'SingleSignOnService' => 'https://idp.feide.no/simplesaml/saml2/idp/SSOService.php', - 'SingleLogoutService' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php', - 'SingleLogoutServiceResponse' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php', - 'certFingerprint' => 'cde69e332fa7dd0eaa99ee0ddf06916e8942ac53', - 'hint.cidr' => '158.38.0.0/16' + 'send_metadata_email' => 'moria-support@uninett.no', + 'SingleSignOnService' => 'https://idp.feide.no/simplesaml/saml2/idp/SSOService.php', + 'SingleLogoutService' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php', + 'SingleLogoutServiceResponse' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php', + 'certFingerprint' => 'cde69e332fa7dd0eaa99ee0ddf06916e8942ac53', + 'hint.cidr' => '158.38.0.0/16', ); -/** +/* * Wayf, the danish federation metadata. 
*/ $metadata['https://wayf.wayf.dk'] = array( - 'name' => array( + 'name' => array( 'en' => 'DK-WAYF Production server', 'da' => 'DK-WAYF Produktionsmiljøet', ), 'description' => 'Login with your identity from a danish school, university or library.', - 'send_metadata_email' => 'sekretariat@wayf.dk', + 'send_metadata_email' => 'sekretariat@wayf.dk', 'SingleSignOnService' => 'https://wayf.wayf.dk/saml2/idp/SSOService.php', 'SingleLogoutService' => 'https://wayf.wayf.dk/saml2/idp/SingleLogoutService.php', 'certFingerprint' => 'c215d7bf9d51c7805055239f66b957d9a72ff44b' ); $metadata['https://betawayf.wayf.dk'] = array( - 'name' => array( + 'name' => array( 'en' => 'DK-WAYF Quality Assurance', 'da' => 'DK-WAYF Quality Assurance miljøet', ), 'description' => 'Login with your identity from a danish school, university or library.', - 'send_metadata_email' => 'sekretariat@wayf.dk', + 'send_metadata_email' => 'sekretariat@wayf.dk', 'SingleSignOnService' => 'https://betawayf.wayf.dk/saml2/idp/SSOService.php', 'SingleLogoutService' => 'https://betawayf.wayf.dk/saml2/idp/SingleLogoutService.php', 'certFingerprint' => 'c215d7bf9d51c7805055239f66b957d9a72ff44b' ); $metadata['https://testidp.wayf.dk'] = array( - 'name' => array( + 'name' => array( 'en' => 'DK-WAYF Test Server', 'da' => 'DK-WAYF Test Miljøet', ), 'description' => 'Login with your identity from a danish school, university or library.', - 'send_metadata_email' => 'sekretariat@wayf.dk', + 'send_metadata_email' => 'sekretariat@wayf.dk', 'SingleSignOnService' => 'https://testidp.wayf.dk/saml2/idp/SSOService.php', 'SingleLogoutService' => 'https://testidp.wayf.dk/saml2/idp/SingleLogoutService.php', 'certFingerprint' => '04b3b08bce004c27458b3e85b125273e67ef062b' diff --git a/metadata-templates/saml20-sp-remote.php b/metadata-templates/saml20-sp-remote.php index 3660298ed7270b7e50b92713d2a864059841b358..38a0c0f64a91d05ebc2d81200c9ca2bf71eee0c2 100644 --- a/metadata-templates/saml20-sp-remote.php 
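Review bot: Test and QA IdPs (`https://idp-test.feide.no`, `https://betawayf.wayf.dk`, `https://testidp.wayf.dk`) remain active next to the production entries, and `https://wayf.wayf.dk` and `https://betawayf.wayf.dk` list the same `certFingerprint`, so signature validation alone cannot tell the production IdP from the QA one. Whether an issuer check keeps them apart depends on code outside this diff. A per-entry comment such as `/* Test/QA IdP: remove this entry in production. */` above each non-production block would make the template safer to copy.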
+++ b/metadata-templates/saml20-sp-remote.php 
@@ -1,62 +1,27 @@ <?php -/* - * SAML 2.0 Meta data for simpleSAMLphp - * - * The SAML 2.0 SP Remote config is used by the SAML 2.0 IdP to identify trusted SAML 2.0 SPs. - * - * Required parameters: - * - AssertionConsumerService - * - SingleLogoutService - * - * Optional parameters: - * - * - simplesaml.attributes (Will you send an attributestatement [true/false]) - * - NameIDFormat - * - ForceAuthn (default: "false") - * - simplesaml.nameidattribute (only needed when you are using NameID format email or persistent). - * - * - 'base64attributes' => false, - * - 'simplesaml.attributes' => true, - * - 'attributemap' => 'test', - * - 'attributes' => array('mail'), - * - 'userid.attribute' - * - * Request signing - * When redirect.sign is true the certificate of the IDP - * will be used to sign all messages sent with the HTTPRedirect binding. - * The certificate from the IDP must be installed in the cert directory - * before signing can be done. - * - * 'redirect.sign' => false, +/** + * SAML 2.0 remote SP metadata for simpleSAMLphp. * + * See: https://rnd.feide.no/content/sp-remote-metadata-reference */ -$metadata = array( - - /* - * Example simpleSAMLphp SAML 2.0 SP - */ - 'https://saml2sp.example.org' => array( - 'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/AssertionConsumerService.php', - 'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/SingleLogoutService.php' - ), - - /* - * This example shows an example config that works with Google Apps for education. - * What is important is that you have an attribute in your IdP that maps to the local part of the email address - * at Google Apps. In example, if your google account is foo.com, and you have a user that has an email john@foo.com, then you - * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'. 
- */ - 'google.com' => array( - 'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs', - 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email', - 'simplesaml.nameidattribute' => 'uid', - 'simplesaml.attributes' => false - ) - - - +/* + * Example simpleSAMLphp SAML 2.0 SP + */ +$metadata['https://saml2sp.example.org'] = array( + 'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/AssertionConsumerService.php', + 'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/SingleLogoutService.php', ); - -?> +/* + * This example shows an example config that works with Google Apps for education. + * What is important is that you have an attribute in your IdP that maps to the local part of the email address + * at Google Apps. In example, if your google account is foo.com, and you have a user that has an email john@foo.com, then you + * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'. + */ +$metadata['google.com'] = array( + 'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs', + 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email', + 'simplesaml.nameidattribute' => 'uid', + 'simplesaml.attributes' => FALSE, +); diff --git a/metadata-templates/shib13-idp-hosted.php b/metadata-templates/shib13-idp-hosted.php index 5a33133209a0c5654ea02684f54da030263d842d..eef9726e7ca9ff7514758b5ac0d02a4ae12613c3 100644 --- a/metadata-templates/shib13-idp-hosted.php +++ b/metadata-templates/shib13-idp-hosted.php 
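Review bot: Both SP entries are live in the template, and the `google.com` one names a concrete endpoint, `https://www.google.com/a/g.feide.no/acs`, with `'simplesaml.nameidattribute' => 'uid'`. An IdP that keeps this file unchanged would treat that endpoint as a trusted SP and release the `uid` value to it. The rewritten docblock also drops the old statement that this file identifies the SPs the IdP trusts. I would add to it `* Every entry in this file is an SP this IdP will send assertions to; remove the examples you do not use.`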
@@ -1,25 +1,26 @@ <?php -/* - * Shibboleth 1.3 IdP Meta data for simpleSAMLphp - * - * +/** + * SAML 1.1 IdP configuration for simpleSAMLphp. * + * See: https://rnd.feide.no/content/idp-hosted-metadata-reference */ +$metadata['__DYNAMIC:1__'] = array( -$metadata = array( - '__DYNAMIC:1__' => array( + /* + * The hostname of the server (VHOST) that will use this SAML entity. + * + * Can be '__DEFAULT__', to use this entry by default. + */ + 'host' => '__DEFAULT__', - 'host' => '__DEFAULT__', - 'audience' => 'urn:mace:feide:shiblab', - - // X.509 key and certificate. Relative to the cert directory. - 'privatekey' => 'server.pem', - 'certificate' => 'server.crt', - - // Authentication plugin to use. login.php is the default one that uses LDAP. - 'auth' => 'auth/login.php' - ) -); + /* X.509 key and certificate. Relative to the cert directory. */ + 'privatekey' => 'server.pem', + 'certificate' => 'server.crt', -?> \ No newline at end of file + /* + * Authentication source to use. Must be one that is configured in + * 'config/authsources.php'. + */ + 'auth' => 'example-userpass', +); diff --git a/metadata-templates/shib13-idp-remote.php b/metadata-templates/shib13-idp-remote.php index f5ad171d678603d8a748aa4d5f77d1d38c73b493..5c8f585dc79980ce3cd95ca4e64d5046b3e1290b 100644 --- a/metadata-templates/shib13-idp-remote.php +++ b/metadata-templates/shib13-idp-remote.php 
@@ -1,18 +1,13 @@ <?php -/** - * SAML 2.0 Meta data for simpleSAMLphp - * - * +/** + * SAML 1.1 remote IdP metadata for simpleSAMLphp. * + * Remember to remove the IdPs you don't use from this file. * + * See: https://rnd.feide.no/content/idp-remote-metadata-reference */ - -$metadata = array( - 'theproviderid-of-the-idp' => array( - 'SingleSignOnService' => 'https://idp.example.org/shibboleth-idp/SSO', - 'certFingerprint' => 'c7279a9f28f11380509e072441e3dc55fb9ab864' - ) +$metadata['theproviderid-of-the-idp'] = array( + 'SingleSignOnService' => 'https://idp.example.org/shibboleth-idp/SSO', + 'certFingerprint' => 'c7279a9f28f11380509e072441e3dc55fb9ab864', ); - -?> \ No newline at end of file diff --git a/metadata-templates/shib13-sp-hosted.php b/metadata-templates/shib13-sp-hosted.php index cddb485e832b5bf4bb8fee08ab5f939726cf00ac..1c6aee48ff58b20da909c9ecd17dcd39324978b7 100644 --- a/metadata-templates/shib13-sp-hosted.php +++ b/metadata-templates/shib13-sp-hosted.php @@ -1,18 +1,13 @@ <?php -/* - * SAML 2.0 Meta data for simpleSAMLphp +/** + * SAML 1.1 SP configuration for simpleSAMLphp. * + * See: https://rnd.feide.no/content/sp-hosted-metadata-reference */ -$metadata = array( - - /* - * Example of hosted Shibboleth 1.3 SP. - */ - '__DYNAMIC:1__' => array( - 'host' => '__DEFAULT__' - ) - +/* + * Example of hosted Shibboleth 1.3 SP. + */ +$metadata['__DYNAMIC:1__'] = array( + 'host' => '__DEFAULT__', ); - -?> \ No newline at end of file diff --git a/metadata-templates/shib13-sp-remote.php b/metadata-templates/shib13-sp-remote.php index 0c8c1a70b3736ef9da548e0bf2702c27e0800a0f..5e521f14bb29cead4fbce1aa503cf082e6ba7de2 100644 --- a/metadata-templates/shib13-sp-remote.php +++ b/metadata-templates/shib13-sp-remote.php 
@@ -1,36 +1,24 @@ <?php -/* - * Shibboleth 1.3 Meta data for simpleSAMLphp - * - * - * +/** + * SAML 1.1 remote SP metadata for simpleSAMLphp. * + * See: https://rnd.feide.no/content/sp-remote-metadata-reference */ +$metadata['https://sp.shiblab.feide.no'] = array( + 'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST', + 'audience' => 'urn:mace:feide:shiblab', + 'base64attributes' => FALSE, +); -$metadata = array( - - 'https://sp.shiblab.feide.no' => array( - 'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST', - 'audience' => 'urn:mace:feide:shiblab', - 'base64attributes' => false - ), - 'urn:geant:edugain:component:be:switchaai-test:central' => array( - 'AssertionConsumerService' => 'https://edugain-login.switch.ch/ShiBE-R/WebSSOResponseListener', - 'audience' => 'urn:geant:edugain:component:be:switchaai-test:central', - 'base64attributes' => false - ), - 'urn:geant:edugain:component:be:rediris:rediris.es' => array( - 'AssertionConsumerService' => 'http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request', - 'audience' => 'urn:geant:edugain:component:be:rediris:rediris.es', - 'base64attributes' => false - ), - 'https://skjak.uninett.no/shibboleth/target' => array( - 'AssertionConsumerService' => 'https://skjak.uninett.no/Shibboleth.shire', - 'audience' => 'https://skjak.uninett.no/shibboleth/target', - 'base64attributes' => false - ) - +$metadata['urn:geant:edugain:component:be:switchaai-test:central'] = array( + 'AssertionConsumerService' => 'https://edugain-login.switch.ch/ShiBE-R/WebSSOResponseListener', + 'audience' => 'urn:geant:edugain:component:be:switchaai-test:central', + 'base64attributes' => FALSE, ); -?> \ No newline at end of file +$metadata['urn:geant:edugain:component:be:rediris:rediris.es'] = array( + 'AssertionConsumerService' => 'http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request', + 'audience' => 'urn:geant:edugain:component:be:rediris:rediris.es', + 
'base64attributes' => FALSE, +); diff --git a/metadata-templates/wsfed-idp-remote.php b/metadata-templates/wsfed-idp-remote.php index 5bfd3627ec1bb77d8be1d6817b553e36014d8c74..483560a31faa7383ac3374e8e250cd5af01c2242 100644 --- a/metadata-templates/wsfed-idp-remote.php +++ b/metadata-templates/wsfed-idp-remote.php @@ -1,11 +1,9 @@ <?php +/** + * WS-Federation remote IdP metadata for simpleSAMLphp. + */ -$metadata = array( - - 'urn:federation:pingfederate:localhost' => array( - 'prp' => 'https://localhost:9031/idp/prp.wsf', - 'certificate' => 'pingfed-localhost.pem', - ), +$metadata['urn:federation:pingfederate:localhost'] = array( + 'prp' => 'https://localhost:9031/idp/prp.wsf', + 'certificate' => 'pingfed-localhost.pem', ); - -?> diff --git a/metadata-templates/wsfed-sp-hosted.php b/metadata-templates/wsfed-sp-hosted.php index 238f33a13c0b8f91163b2b46e6c31eb5f5b19c29..c9193390c31a51b72eacad3c870f5157911ea559 100644 --- a/metadata-templates/wsfed-sp-hosted.php +++ b/metadata-templates/wsfed-sp-hosted.php @@ -1,20 +1,11 @@ <?php -/* - * WS-Federation Meta data for simpleSAMLphp - * - * The WS-Federation SP Hosted config is used by the WS-Federation SP to identify itself. +/** + * WS-Federation SP configuration for simpleSAMLphp. * * Required fields: * - host */ -$metadata = array( - /* - * Example of a hosted SP - */ - '__DYNAMIC:1__' => array( - 'host' => '__DEFAULT__' - ) +$metadata['__DYNAMIC:1__'] = array( + 'host' => '__DEFAULT__', ); - -?>
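Review bot: Two of the entries kept in shib13-sp-remote.php have a plain-HTTP `AssertionConsumerService` (`http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST` and `http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request`), so the response carrying the assertion would reach those SPs without transport encryption. Since the hunk already prunes one entry, the template could also drop the HTTP ones, or mark them with `/* ACS is not HTTPS: example only, do not use in production. */`.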